putenv('https_proxy=...') is unreliable for HTTPS destinations across
libcurl versions - it frequently skips CONNECT tunnelling, so the first
call to login.microsoftonline.com fails auth even though the proxy itself
is reachable.
Replace the two commented putenv lines with the applyProxySettings()
pattern from index-proxy.php: $proxy / $proxy_userpwd config vars at
the top of the file and an applyProxySettings($ch) call on every curl
handle (11 handles: getAccessToken, fetchTokens, importTokens,
importCSVTokens x3, getUsers, assignToken, activateToken, unassignToken,
deleteToken).
Fixes#13
getUsers() was the only endpoint enabling CURLOPT_VERBOSE and calling
error_log() unconditionally. Both write to stderr, and on some SAPIs
(notably IIS FastCGI with fastcgi.logging=1) any stderr output fails the
request with HTTP 500 and returns the debug text as the response body,
even though the Graph call itself succeeded.
- Remove CURLOPT_VERBOSE from getUsers()
- Replace all error_log() calls with a debugLog() helper that appends to
a file in the system temp directory (outside the web root), gated by a
DEBUG_LOG flag that is off by default
Fixestoken2/token_inventory#9
Introduced automatic activation of Token2 Classic OATH tokens during CSV uploads, enhancing deployment efficiency and eliminating the need for separate activation tools.